General Archives - Page 7 of 30 - Cybersecurity Magazine

The cybersecurity sector is experiencing an unprecedented skills shortage and the bad news is that it is set to get worse. According to recent figures from the Department for Media, Culture and Sport (DCMS), there is an annual deficit of 14,000 entering the market which will lead to cumulative shortages. It is a situation further exacerbated by the Great Resignation which is seeing an exodus from the industry due to high stress levels and burn out rates, with more than a third tempted to quit their jobs.
There is particular demand for those in middle management or senior roles with three years of experience or more, according to the DCMS report, which is likely to cause problems for businesses over the next few years while new entrants hone their craft.

General History of Hacking

Hackers History: Part 1

August 12, 2022 Tom Madsen

erm “hacker” was used as a term of honour for someone who was able to come up with creative solutions to programming problems. The term hacker changes from something positive to something negative during this period. This happens when a journalist gets the term changed after an interview. When exactly this happens, there is a lot of disagreement about, therefore I will refrain from giving a precise year. This is also the period when you start hearing the name Kevin Mitnick for the first time. He has been described far and wide in many places, including in a movie.

General

Do I Still Need a WAF?

August 5, 2022 Ross Moore

The FBI recently released a public advisory regarding a sharp rise in deepfake videos being used by scammers when applying for remote positions. Combined with identity theft, these criminals are able to convince their would-be remote employers that they are who they claim, and often get positions that have access to sensitive data.
HR, recruiters, and other hiring professionals can no longer use only the techniques they used even a year ago when hiring for remote positions. Those in a hiring position need to be able to pick up on potential clues, such as lip movement that doesn’t coordinate with the audio. It’s not a matter of “this isn’t your parents’ world;” it’s “this isn’t even last year’s world.”

General

7 Reasons Why Businesses Are Failing to Secure Their APIs

July 25, 2022 Jason Kent

Application Programming Interface (API) use has eclipsed web app use in many sectors, with 70 percent of the 21.1 billion transactions analysed in the latter half of 2021 using this mechanism. APIs are popular because they the business to rapidly upscale development by providing mobile services, migration to the cloud and faster release cycles all of which results in a better connected ecosystem. Their use is expected to continue to rise, with 57 percent of organisations expecting to switch their applications to APIs over the next two years, according to the Enterprise Strategy Group (ESG).
Recognising this shift, attackers have been quick to capitalise on the move and have also turned their attentions to APIs. The latest Cloud Security Alliance (CSA) league table of threat vectors released in June revealed that API attacks are now the second biggest threat facing cloud computing, Two years previously they came in way down the list at number seven which means API attacks are real and growing and that businesses aren’t doing enough to secure their API infrastructure. But where are they going wrong?

General

How Social Media Impacts Business Cybersecurity

July 22, 2022 Zac Amos

Social media has become an essential marketing tool for modern companies. Online platforms like Instagram, Facebook and Twitter allow businesses to easily expand their reach, communicate with their ideal audience and build trust by posting organic content. Unfortunately, using social media also increases cybersecurity risks.
Criminals are skilled at mining social media for data, manipulating employees and using public information to break into company accounts. Without proper protections in place, it can be a significant security risk for your business.

General

The Obstacles to Putting SAP in the SIEM

July 15, 2022 Tim Wallen

SAP is used by 92% of Forbes Global 2000 companies, stores 70% of all corporate data globally and touches 77% of the world’s transactional revenue so its reputation as a market leader in enterprise application software is undeniable. But its ubiquity, longevity and access to sensitive data also makes it a prime target.
SAP systems, from enterprise resource planning (ERP) and human capital management to sales, stakeholder relationship management (SRM), and customer relationship management (CRM), hold valuable digital assets – be it intellectual property, company secrets, employee data, and more. This data is used for business planning, product lifecycle management, business intelligence, or other vital operational procedures.

General Journal Abstracts

Design and Deployment of Network Testbed for Web Data Security

July 11, 2022 Editor's Desk

Abstract: In recent years, the cyber security scenario has transformed predominantly from conventional response-based security mechanisms to proactive security strategies. And this transformation is still continuing which is shifting it from proactive security strategies to cyber immunity which eliminates the cyber threats by introducing stringent and adaptive security measures. In the process of developing new security algorithms/procedures, accurate modelling and effective simulation play a vital role for the robustness and effectiveness of proposed system. It is also necessary to analyze the behaviour of proposed system against multiple types of known cyber attacks. This paper focuses on the existing network testbeds for an effective analysis and monitoring while proposing a new network testbed for examining new security concepts like cyber immunity. The proposed network testbed is designed to incorporate the methods and procedures of Nature-inspired Cyber Security to accommodate the adaptive responses against the sophisticated and ever-advancing cyber attacks. The proposed testbed provides customizable analytical tool to design, test and examine the new security algorithms through a rich set of attack scenarios. It also allows developers to design, implement, and evaluate their defensive techniques with library support.

General

Should You Be Using an Electronic Signature

July 4, 2022 Zac Amos

If you’ve submitted documents online in the past several years, you may have signed your name electronically. This practice has become increasingly common as businesses gradually move their recordkeeping processes online. That said, electronic signatures (e-signatures) aren’t a match for every business.

General

The Current Intersection of Universal Design and Cybersecurity and Why It Must Expand

July 1, 2022 Luke Smith

Many businesses develop cybersecurity programs without considering universal design. This results in programs that fail to meet the needs of the entire workforce. Even worse, inaccessible cybersecurity programs can force workers to miss out on important security tips and insights. This can lead to data breaches that damage a company’s brand reputation and bottom line.
A clear understanding of the relationship between cybersecurity and universal design is a must, especially as more industries become common targets for cyberattack. Cybersecurity professionals can apply universal design best practices in their everyday work. In doing so, they can develop and maintain best-in-class cybersecurity programs.

General

Using Next Gen DPI to Ensure Visibility and Control for Security Service Edge

June 24, 2022 Erik Larsson

The Security Service Edge (SSE) model provides a convenient, scalable way to make sure users can safely access the Internet,